EUCERS held its fifth roundtable event in conjunction with ACATECH – National Academy of Science and Engineering, Germany and the Konrad Adenauer Foundation – exploring the dangers of terror attacks on energy infrastructure. The event was attended by academics, industry experts, policymakers and media, held at King’s College London on 31 October 2013.
The event included keynote speeches by Jennifer Giroux of the Center for Security Studies (CSS) at the ETH Zurich, Dr Alexander Fekete, Professor of Risk and Crisis Management at the Cologne University of Applied Sciences, and Dr Frank Umbach, Associate Director of EUCERS.
Professor Dr Friedbert Pflüger, Director of EUCERS, chaired the session and recapitulated the current series of Energy Talks. He stressed the importance to discuss the topic of attacks on energy infrastructure by referring back to the events earlier this year in Algeria, as well as the on-going problems in Nigeria regarding oil theft, and the Gulf of Aden regarding piracy. Hans-Hartwig Blomeier, Director of the KAS London office welcomed speakers and participants.
Jennifer Giroux presented the Energy Infrastructure Attack Database that had been developed at CSS, which does not only include terrorism as a cause for an attack, but also piracy and insurgencies. By displaying the acquired data, she made evident how attacks on energy infrastructures have increased over the past 30 years, with repetitive peaks, constituting an average of 300-400 attacks a year. Ms Giroux stressed the importance that most of these attacks take place in clusters, implying certain regions with multiple attacks on similar targets. She presented the main geographical hot spots to be Iraq, Nigeria, Afghanistan, Pakistan, India, Columbia, Egypt, Syria, and Yemen. While cyber-attacks are of distinct interest for the center, the difficulty of identification and attribution hinders an effective inclusion of this data. Finally, Jenifer Giroux displayed the center’s approach to utilise the contagion framework to explain the various factors leading to respective attacks, based on information on the agents, hosts, and environmental factors.
Professor Dr Alexander Fekete opened his presentation by questioning whether a high risk automatically implies a high probability. He then argued that by connecting an increased security to high risk targets, probability is decreased. He underpinned this theory through data on pipeline failures in the EU from 1971 to 2006, in which attacks and crime constituted only about 3%. By referring, however, to the 2006 Switch-Off that caused a black-out over half of Western Europe, Professor Fekete displayed the severe potential consequences of a well-targeted attack on the grid, making clear that the potential implications are as important as the degree of threat. The next question, therefore, was whether Europe is prepared to degrade gracefully, implying that not all parts of the system would shut down in the event of an attack. Based on a theoretical economic assessment in Germany, such preparation was considered to be present following a high degree of diversity and redundancy in energy supply. However, in practice not immediately considered potential targets of attacks on energy infrastructure, such as bridges, can have a severe impact on the security of supply. This is due to the fact that below most bridges run several energy distributors, such as gas, electricity, water etc. Finally, Professor Fekete pointed out the various interests and philosophies in crisis and risk management by various involved state agencies, which continue to hinder an effective assessment, preparation and mitigation of an attack.
Dr Frank Umbach concluded the presentations by explaining the challenges of energy security following the lines of diversification implying greater interconnectedness, and the security implications this interconnectedness has for physical as well as cyber-attacks. He argued that the increase in connectors following the 2009 Gas blockade by Russia while having improved European energy security has opened new vulnerabilities with an increased cascading effect danger. Furthermore, cyber-attacks add the electricity grid to other high risk energy infrastructures, such as oil and gas. This is of particular importance for critical infrastructure, as in hospitals, and renewables. Dr Umbach further elaborated how the new dangers of the cyber world threaten developed states, as both power plants and critical infrastructure share two common features, which are their dependence on electricity, and the connection to the internet. This becomes all the more alarming since there is no experience in dealing with such new threats, and businesses, who have become victims of cyber-attacks or blackmailing have had a distinct interest in not publicising information in this regard. With respect to preparedness, Dr Umbach stress how the false feeling of security has enabled the attack on the Algerian power plant earlier in 2013, and pointed out the lack of awareness and acknowledgment by company leaders of security threats, which are not considered a business priority. Moreover, smaller companies will not be able to provide the funds for adequate security provisions, which decreases their presence in unstable regions with potentially severe repercussions regarding needed investments in new energy infrastructures for the future. Finally, Dr Umbach concluded that there is the need for a change in security culture in companies, reaching all the way up to the CEOs, with a distinct focus on mitigation and recovery, not just prevention and preparedness.
Following the presentations, a lively discussion between the participants and speakers developed with critical views expressed about the points made. One question for example focused on the difficulty that short-term stakeholder commitments entail with regard to a change in a company’s security culture. Professor Pflüger drew the attention again to the increase in physical events, focusing on the developments in Nigeria, where oil theft becomes an increasing problem. A new emphasis was laid on the root causes for violence, which can only be targeted by companies and states together within the respective communities, as well as on the danger of attacks on Nuclear power plants. The panel gave founded arguments to all posed questions, and pointed out with regard to the last one that nuclear power plants are among the most secure energy infrastructures, and a far greater risk and probability lies in an attack on LNG terminals in harbour cities, which could have a destructive effect similar to a tactical nuclear bomb.
A brief reception followed the event, allowing participants to exchanges views in a more informal setting.